| commit | 04a5ff12178fe7f6cab1eb0e2d370d8dfb17ea2b | |
| author | Dan Carpenter <dan.carpenter@oracle.com> | |
| Mon, 14 Jan 2019 14:35:31 +0000 (14 17:35 +0300) | ||
| committer | Dan Carpenter <dan.carpenter@oracle.com> | |
| Mon, 14 Jan 2019 14:35:31 +0000 (14 17:35 +0300) | ||
| tree | 06abf9fb57dfd441ca0a7b51e1d17721ef9f7061 | treesnapshot (tar.gz zip) |
| parent | 7deff5689fa6618f6c9b72243eca5c4e3c7a4e9d | commitdiff |
implied: Preserve ->hard_max for fake history states
In smatch_implied.c we sometimes split an estate (extra state)
into two parts to create a fake history. This happens when we
have an if statement like "if (x < 10) {" and we hadn't
previously known that x=0-9 was an "interesting" range before.
Maybe we had only known that x could be in the 0-20 range.
So instead of one state, we split it into two states. But
unfortunately the ->hard_max information was not preserved so
we missed out on some array overflow warnings.
Reported-by: John Levon <levon@movementarian.org>
Signed-off-by: Dan Carpenter <dan.carpenter@oracle.com>
In smatch_implied.c we sometimes split an estate (extra state)
into two parts to create a fake history. This happens when we
have an if statement like "if (x < 10) {" and we hadn't
previously known that x=0-9 was an "interesting" range before.
Maybe we had only known that x could be in the 0-20 range.
So instead of one state, we split it into two states. But
unfortunately the ->hard_max information was not preserved so
we missed out on some array overflow warnings.
Reported-by: John Levon <levon@movementarian.org>
Signed-off-by: Dan Carpenter <dan.carpenter@oracle.com>
| smatch_estate.c | diffblobblamehistory | |
| smatch_extra.h | diffblobblamehistory | |
| smatch_implied.c | diffblobblamehistory |